CWE-820 - Missing Synchronization
- Abstraction:Base
- Structure:Simple
- Status:Incomplete
- Release Date:2010-09-27
- Latest Modification Date:2023-10-26
Weakness Name
Missing Synchronization
Description
The product utilizes a shared resource in a concurrent manner but does not attempt to synchronize access to the resource.
If access to a shared resource is not synchronized, then the resource may not be in a state that is expected by the product. This might lead to unexpected or insecure behaviors, especially if an attacker can influence the shared resource.
Common Consequences
Scope: Integrity, Confidentiality, Other
Impact: Modify Application Data, Read Application Data, Alter Execution Logic
